iSCSI configuration details for host connections

You must follow these configuration details for iSCSI host connections.

You can attach the system to Small Computer System Interface Over Internet Protocol (iSCSI) hosts by using the Ethernet ports of Storwize® V3500 systems.

Note: The system supports SAN devices that bridge iSCSI connections into a Fibre Channel network.
iSCSI connections route from hosts to Storwize V3500 systems over the LAN. You must follow these configuration rules for iSCSI host connections:
  • The system supports up to 1024 iSCSI sessions per node
  • The system currently supports one iSCSI connection per session
  • The system port limits are shared between Fibre Channel WWPNs and iSCSI names

Depending on the optional functions that are installed, the system supports a number of Fibre Channel and iSCSI connections at different connection speeds.

For each Ethernet port on a node, a maximum of one IPv4 address and one IPv6 address can be designated for iSCSI I/O.

iSCSI hosts connect to Storwize V3500 through the node-port IP address. If the node fails, the address becomes unavailable and the host loses communication with the system. To allow hosts to maintain access to data, the node-port IP addresses for the failed node are transferred to the partner node in the I/O group. The partner node handles requests for both its own node-port IP addresses and also for node-port IP addresses on the failed node. This process is known as node-port IP failover. In addition to node-port IP addresses, the iSCSI name and iSCSI alias for the failed node are also transferred to the partner node. After the failed node recovers, the node-port IP address and the iSCSI name and alias are returned to the original node.

Multiple configurations are supported if the following requirements are met.

  • System IP requirements: The system IP address provides access to the system management interfaces, including the management GUI, CLI, and CIMOM. The system IP address is also used to access remote services like authentication servers, NTP, SNMP, SMTP, and syslog systems, if configured.
    • Ethernet port 1 (1 Gbps) must be configured with an IPv4 or IPv6 system address.
    • Ethernet port 2 (1 Gbps) can optionally be configured with a system address.
    • A maximum of one IPv4 address and one IPv6 address can be configured on each of Ethernet ports 1 and 2 for system management.
    • To ensure system IP failover operations, Ethernet port 1 on all nodes must be connected to the same subnet. The system IP address can fail over to any node in the system.
    • System addresses can be configured only on ports 1 or 2.
  • iSCSI IP requirements: Node iSCSI IP addresses are used for host iSCSI I/O access to volumes. Node iSCSI IP addresses are also used to access a remote Internet Storage Name Service (iSNS) server, if configured.
    • For each node Ethernet port, a maximum of one IPv4 address and one IPv6 address can be designated for iSCSI I/O. This designation is in addition to any system addresses configured on the port.
    • Each node Ethernet port can be configured on the same subnet with the same gateway, or you can have each Ethernet port on separate subnets and use different gateways.
    • If you are configuring a system to use node 1 Gbps Ethernet ports 1 and 2 for iSCSI I/O, ensure that the overall configuration also meets the system IP requirements that are listed previously.
    • To ensure iSCSI IP failover operations, nodes in the same I/O group must be connected to the same set of subnets on the same node ports. However, you can configure node Ethernet ports in different I/O groups to use different subnets and different gateways.
    • IP addresses configured for system management and service access must not be used for iSCSI I/O.
  • Common IP requirements:
    • Every IP address must be unique within the system and within the networks the system is attached to.
    • If node Ethernet ports are connected to different isolated networks, then a different subnet must be used for each network.

A Storwize V3500 volume can be mapped the same way either to a Fibre Channel host, an iSCSI host, or both.

For the latest maximum configuration support information, see the following website:

www.ibm.com/support

The system supports the following I/O descriptions:
  • I/O from different initiators in the same host to the same I/O group
  • I/O from different initiators in different hosts to the same volumes
  • I/O from Fibre Channel and iSCSI initiators in different hosts to the same volumes
I/O from Fibre Channel and iSCSI initiators in the same hosts to the same volumes is not supported.

A clustered Ethernet port consists of one Ethernet port from each node in the clustered system that is connected to the same Ethernet switch. Ethernet configuration commands can be used for clustered Ethernet ports or node Ethernet ports. Storwize V3500 systems can be configured with redundant Ethernet networks.

To assign an IP address to each node Ethernet port for iSCSI I/O, use the cfgportip command. The MTU parameter of this command specifies the maximum transmission unit (MTU) to improve iSCSI performance.

You can configure iSNS to facilitate scalable configuration and management of iSCSI storage devices. Currently, you can have only one type of protocol that is used by the iSNS server at a time: either IPv4 or IPv6. For example, if you try to configure an IPv6 iSNS IP address when you already configured an IPv4 iSNS IP address, the new IPv6 IP address becomes the iSNS IP address. The old IP address can no longer be used for iSNS function.

Two types of authentication through the Challenge Handshake Authentication Protocol (CHAP) are supported:
  1. One-way authentication: iSCSI target (Storwize V3500 nodes) authenticating iSCSI initiators
  2. Two-way (mutual) authentication: iSCSI target (Storwize V3500 nodes) authenticating iSCSI initiators, and vice versa.
Attention: With the iSCSI initiator, you can set two passwords: one for discovery and another for iSCSI session I/O. However, the system requires that both passwords for each type of authentication are the same. That is, two identical passwords for one-way CHAP, and two identical passwords for two-way CHAP that are different from those passwords for one-way CHAP.

You can map an iSCSI host to volumes that are accessible through multiple I/O groups. iSCSI hosts can access volumes that are accessible through multiple I/O groups (and single I/O groups). An iSCSI host that is mapped to a volume that is accessible through multiple I/O groups is online if it has at least one active iSCSI session with each I/O group of the access set. If volumes are not mapped to an iSCSI host, it is degraded. If a volume is mapped to an iSCSI host but there no active iSCSI sessions to any I/O group part of the volume access set, the host status is offline.

If an iSCSI host does not have a multipath driver that is installed and the host is mapped to a volume that is accessible through multiple I/O groups, the host status is always degraded. Only a single path between the host and system I/O groups is supported in such a scenario. This single path is true also for AIX, which does not have a multipath driver that supports iSCSI.

iSCSI protocol limitations

When you use an iSCSI connection, you must consider the iSCSI protocol limitations:
  • There is no SLP support for discovery.
  • Header and data digest support is provided only if the initiator is configured to negotiate.
  • Only one connection per session is supported.
  • A maximum of 1024 iSCSI sessions per iSCSI target is supported.
  • Only ErrorRecoveryLevel 0 (session restart) is supported.
  • The behavior of a host that supports both Fibre Channel and iSCSI connections and accesses a single volume can be unpredictable and depends on the multi-pathing software.
  • A maximum of four sessions can come from one iSCSI initiator to a Storwize V3500 iSCSI target.
The following iSCSI session parameters are supported:
initial_r2t = 1
immediate_data = 0
max_connections = 1
Max_recv_segment_data_length = 32k
max_xmit_data_length = 32k
max_burst_length = 32k
first_burst_length = 32k
default_wait_time = 2
default_retain_time = 20
max_outstanding_r2t = 1
data_pdu_inorder = 1
data_sequence_inorder = 1
error_recovery_level = 0
header_digest = CRC32C,None
data_digest = CRC32C,None
ofmarker = 0
ifmarker = 0
ofmarkint = 2048
ifmarkint = 2048